Cracker Jack FAQ Written by kM

Corrections and Password files can

be sent to kM@hackersclub.com for cracking.
Questions and Comments are welcome too.
=======================================

The number one problem in today's internet server is a bad security setup.
If someone doesn't protect or shawdow that passwd file in the /etc directory
someone is going to take it and have total control of your server. By
default Unix drops the passwords (encrypted) into a passwd if the /etc. Its
the admins job to make sure that no one can download this and run it against
a brute force attacker. IE: Cracker Jack.

I use Cracker Jack because so far it seems to work fine for me. It does work
and I will prove it to you. Ok enuff of the bullshit..now if you can
get or trade for a passwd file. I can show you in the faq what you need
to do in order to crack the fucker.

Step 1: Cracker Jack is picky when it comes to memory...you better

have no flaws in it. Therefore when you boot your computer (win95 /dos)
bypass all configurations and drop to dos. In DOS 6.22 its f5 when it
says "Starting MS-DOS" Win95 you can do Shift-F8 and then F5 till you get
to a dos prompt. Cracker Jack has been tested by me in both enviorments
and works correctly only under a clean boot.
---------------------------------------------------------------------------
Step 2: Go into the Cracker Jack Directory. Cracker Jack uses a word list
in which it compares the encrypted password to the wordlist in which
you specify. You can make one up if you like or use the default one
that comes with Cracker Jack. Puffs.dic Now...depending on where the
passwd file comes from (country) slap a dictionary file from that country
against it. (Example: Mexican Passwd file...hit it with a Spanish
Dictionary). Ok now that we have this clear lets start...
--------------------------------------------------------------------------
Step 3: Run jack.exe.. You should get this...if you get something else
try booting your PC clean. If not find another copy..might be
corrupted.

Cracker Jack version 1.4 for OS/2 and DOS (386)

Copyright (C) 1993, The Jackal, Denmark

PWfile(s) :
Wordfile :

Where it asks you for the pwfile... put the passwd lists name.
Where it asks for the Wordfile put the dictionary name. Now it will
start cracking the bitch. You will here beeps and see screen output
when it cracks an account. It will display the password it cracked
and the user id next to it.

Here is an example:

Cracker Jack version 1.4 for OS/2 and DOS (386)

Copyright (C) 1993, The Jackal, Denmark

PWfile(s) : gate.pwd
Wordfile : puffs.dic

Initializing session data...

Loaded 886 total accounts with 768 different salts.
Cracking... (Hit any key for status, Ctrl-C to abort)
-------------------------------------------------------------------------
After it cracks one you should see this display..

Cracker Jack version 1.4 for OS/2 and DOS (386)

Copyright (C) 1993, The Jackal, Denmark

PWfile(s) : gate.pwd
Wordfile : puffs.dic

Initializing session data...

Loaded 886 total accounts with 768 different salts.

Cracking... (Hit any key for status, Ctrl-C to abort)

marika #(gkantor)

^- Password ^- UserId

You won't have to write this down..with cracker jack it will store
the cracked ids into a file called jack.pot. You can use a program
that comes with Cracker Jack called jackpot.exe to write a text file
for you with the information and everything. This is what you do after
you are finished cracking the passwd file.

jackpot gate.pwd > cracked.txt

jackpot reads the passwd file and compares it to Jack.pot and the > means
pipe it to a text file cracked.txt is a name I made up. Name it anything
you want. After you do this your cracked.txt should look like this...

PWfile(s) : gate.pwd

gkantor:marika:3009:301:George Kantor:/u3/gkantor:/bin/ksh

1 account cracked, 885 left.

---------------------------------------------------------------------
*** REMEMBER ***
You can use any wordfile or dictionary file you want...just specify
it on the wordfile line.

** NOTE **
Use this as a learning tool...I won't be held liable for your lameness.

Now that I have given you newbies all you need to know about using
cracker jack please give me my due credit for sitting down and writing
this bad little puppy out for you.

I have cracked many password files and the only ones that are hard to
crack are the shadow'd passwd files. They too can be cracked but they
take a little more time..and thats another faq intirely. So if your
a systems adminstrator please protect that dear passwd file. :)

- kM -
Webmaster of HackerZ Hideout & Hackersclub
http://www.hackersclub.com/km